GSC has been hacked
Zazazu:
The intent could just be for the "hacker" to look like they have a big dick. Even if they know they aren't causing permanent damage, they are causing those they believe to be pirates some frustration, which gives them the giggles.
Quote from: Inge on 2010 January 15, 07:41:36
As a T with some F, I say that a twin *would* know if their twin was lying. Whether techie or artistic. And the liar would be finding it increasingly hard to look nonchalant as the pressure is maintained and the income of several people they are close to reduces as a result.
I am a horrible liar, so much so that I haven't even attempted one since I was a new 18. However, I can lie easily and do to my parents. The 'rents think I have a degree. They have seen a copy of this degree. They know the supposed classes I took while I finished said degree. I'd argue that sometimes the easiest people to lie to are family.
That said, I don't think it is Thomas doing the dastardly deeds. I have a few ideas, not limited to Atwa. I have absolutely no proof...just going off of general attitudes I've observed from being on both sides of the fence.
Johan:
Quote from: J. M. Pescado on 2010 January 15, 08:56:49
Scriptkiddy site. Common, but of no real use. This misses one severe underlying difficulty: To get a HASHED password, you need to have access to the database the hashed password CAME from. You already admitted TSR didn't hash them, so getting access to the TSR database would have bypassed this problem to begin with. Conversely, if someone got a password from ELSEWHERE, they would not be able to know which ones are the same as TSR's, and therefore, would not be able to attack pretending the information came from TSR when it did not. Therefore, there are no plausible scenarios for this OTHER than the TSR-origin scenario. Can you think of a plausible origin in which someone could somehow acquire compromised passwords from a non-TSR source, and then make them look like they came from TSR without access to TSR itself? I can't. Even if the information could be gained from elsewhere, which is not likely, since you would need DB access there, too, there is no way to massage this information to then make it look like it came from TSR.
It looks like a pretty good place to get help cracking a password if you have the hash and the salt. Most such requests seem to be answered very fast.
I'm not saying it's easy to get access to a database and obtain the necessary information, I'm just saying that IF you do, it would be far from impossible to crack the passwords.
Not as easy as plain text passwords of course but doable.
Regardless of the origin, TSR or elsewhere, you would need db access to get the plaintext or hashed password. With or without help of someone with such access.
Not sure I understand what you mean with "make them look like they came from TSR", but if a password is the same on both TSR and some other place, there would be no need to massage it to make it look like it came from TSR?
Quote from: J. M. Pescado on 2010 January 15, 08:56:49
I'm not sure which incidents you're referring to, but if you're talking about what I think you're talking about, I seem to recall incidents in which an actual FA decided to soup from TSR, and did this on their own. This act was then immediately written off as the work of "hackers" officially.
Quote from: J. M. Pescado on 2010 January 15, 08:56:49
Alternatively, if we're talking about the same incident, or even a similar case, they COULD have simply bypassed the password change using the lost password recovery system, if they had access to the email, either because they actually *WERE* the user in question, only behaving in a manner that your staff didn't approve of by trying to leave, or because they had already hacked that particular user completely.
I'm not sure I know what incident you're talking about, but I don't think it's the same as I was thinking of.
Multiple FA accounts were affected and AFAIK none of them left us, at least not soon after. This happened at least 2 times.
We gave out the new random passwords in chat but as you say the new password could also have been obtained by the password recovery system we had when passwords were in plaintext. So if someone's email were compromised that would be one way to obtain it.
The relatively large number of accounts affected makes the probability of that scenario rather low though.
Quote from: J. M. Pescado on 2010 January 15, 08:56:49
We have never specified that Thomas himself committed the hackings. In fact, this scenario seems unlikely. The more plausible scenario is that someone, possibly Thomas, possibly someone else, provided the agent who then proceeded to do this with the information needed to carry it out, and then turned them loose, disavowing any responsibility for their actions. While the Buggybooz incident turned out to be somewhat of a disaster, this may not even have been an intended outcome: It is possible that the original information was released for some other purpose, and, well, you can't put the genie back in the bottle.
You're also saying the following hackings after buggy up until Scotty and Witchboy are linked and follow the same pattern, which implies that one of the owners would still supply this agent with passwords.
Since we changed to hashed passwords they can no longer be supplied in plaintext.
In order to obtain the hashed ones you would need to know how to access the database and pull data from it. You would also need to obtain the salt, which is stored elsewhere.
Per and I are the only ones that would be able to do that, and we didn't.
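The scheme Johan describes above, a per-user hash in the database plus a secret kept outside it, can be illustrated with a short added example (this is not code from TSR or from anyone in the thread; the hash parameters and the "pepper" name for the out-of-database secret are assumptions). It shows why a copy of the user table alone is not enough to verify or test guesses against a password:

```python
import hashlib
import hmac
import os

# Assumed parameters for this example, not TSR's actual configuration.
PBKDF2_ROUNDS = 200_000


def derive(password: str, salt: bytes, pepper: bytes) -> bytes:
    """Slow hash of the password, bound to a per-user salt (stored in the
    DB row) and a site-wide secret "pepper" (stored outside the DB)."""
    return hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt + pepper, PBKDF2_ROUNDS
    )


def make_record(password: str, pepper: bytes) -> dict:
    """Build the row that would live in the user table: salt + hash only.
    The pepper is deliberately absent from the row."""
    salt = os.urandom(16)
    return {"salt": salt.hex(), "hash": derive(password, salt, pepper).hex()}


def verify(password: str, record: dict, pepper: bytes) -> bool:
    """Check a login attempt; constant-time compare avoids timing leaks."""
    salt = bytes.fromhex(record["salt"])
    expected = bytes.fromhex(record["hash"])
    return hmac.compare_digest(derive(password, salt, pepper), expected)


def db_dump_alone_verifies(password: str, record: dict) -> bool:
    """What someone holding only the dumped row can compute: they have the
    salt and the hash but not the pepper, so even the correct password does
    not validate against the stored hash."""
    return verify(password, record, pepper=b"")


if __name__ == "__main__":
    pepper = b"constructed-example-pepper"          # kept out of the DB
    row = make_record("correct horse battery", pepper)
    print("login with pepper:", verify("correct horse battery", row, pepper))
    print("login, wrong password:", verify("wrong guess", row, pepper))
    print("dump only, right password:", db_dump_alone_verifies("correct horse battery", row))
```

Note that this only raises the cost of an offline attack; the pepper must itself be kept out of the database backup and the code repository, and the plaintext-era password recovery mechanism mentioned earlier in the thread would have bypassed all of it.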
Inge:
Quote from: Johan on 2010 January 15, 22:03:00
We gave out the new random passwords in chat
!! How secure is that?
Johan:
Quote from: Inge on 2010 January 15, 23:31:46
Quote from: Johan on 2010 January 15, 22:03:00
We gave out the new random passwords in chat
!! How secure is that?
Private individual chat of course, don't know if it was irc or skype, perhaps both.
J. M. Pescado:
Quote from: Johan on 2010 January 15, 22:03:00
Regardless of the origin, TSR or elsewhere, you would need db access to get the plaintext or hashed password. With or without help of someone with such access.
Not sure I understand what you mean with "make them look like they came from TSR", but if a password is the same on both TSR and some other place, there would be no need to massage it to make it look like it came from TSR?
Meaning, in order for someone to use passwords as if they came from TSR, they would have to make sure to ONLY use those that matched TSR passwords. They would thus have to intentionally pass up attack on people whose passwords they had, but could not access from TSR. Additionally, how would they KNOW the passwords matched TSR unless they tried them, and thus made it apparent that this was occurring? Without the knowledge that the passwords actually DID match TSR's passwords, the attack pattern could not be matched to TSR.
Quote from: Johan on 2010 January 15, 22:03:00
I'm not sure I know what incident you're talking about, but I don't think it's the same as I was thinking of.
Multiple FA accounts were affected and AFAIK none of them left us, at least not soon after. This happened at least 2 times.
2 known incidents are not really relatable. Not every incident of vandalism is through the same vector or related. In fact, if someone really HAD externally compromised your DB, you would be seeing a lot more damage than two isolated wipes of FA accounts.
Quote from: Johan on 2010 January 15, 22:03:00
We gave out the new random passwords in chat but as you say the new password could also have been obtained by the password recovery system we had when passwords were in plaintext. So if someone's email were compromised that would be one way to obtain it.
The relatively large number of accounts affected makes the probability of that scenario rather low though.
You say "at least 2". That is not quite a large number, especially in the absence of any other connection. There are plenty of reasons why a password could be compromised in a vacuum without the need to resort to hacking theories, particularly when the vandalism is apparently unrelated, and much of this doesn't even qualify as hacking. Cats and angry siblings can cause plenty of random deletions without any hacking at all.
Quote from: Johan on 2010 January 15, 22:03:00
You're also saying the following hackings after buggy up until Scotty and Witchboy are linked and follow the same pattern, which implies that one of the owners would still supply this agent with passwords.
Or that the old password sheet is still alive and still held by the hacker.